1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/http/http_auth.h"
9 #include "base/basictypes.h"
10 #include "base/strings/string_tokenizer.h"
11 #include "base/strings/string_util.h"
12 #include "net/base/net_errors.h"
13 #include "net/http/http_auth_challenge_tokenizer.h"
14 #include "net/http/http_auth_handler.h"
15 #include "net/http/http_auth_handler_factory.h"
16 #include "net/http/http_request_headers.h"
17 #include "net/http/http_response_headers.h"
18 #include "net/http/http_util.h"
22 HttpAuth::Identity::Identity() : source(IDENT_SRC_NONE), invalid(true) {}
25 void HttpAuth::ChooseBestChallenge(
26 HttpAuthHandlerFactory* http_auth_handler_factory,
27 const HttpResponseHeaders* headers,
30 const std::set<Scheme>& disabled_schemes,
31 const BoundNetLog& net_log,
32 scoped_ptr<HttpAuthHandler>* handler) {
33 DCHECK(http_auth_handler_factory);
34 DCHECK(handler->get() == NULL);
36 // Choose the challenge whose authentication handler gives the maximum score.
37 scoped_ptr<HttpAuthHandler> best;
38 const std::string header_name = GetChallengeHeaderName(target);
39 std::string cur_challenge;
41 while (headers->EnumerateHeader(&iter, header_name, &cur_challenge)) {
42 scoped_ptr<HttpAuthHandler> cur;
43 int rv = http_auth_handler_factory->CreateAuthHandlerFromString(
44 cur_challenge, target, origin, net_log, &cur);
46 VLOG(1) << "Unable to create AuthHandler. Status: "
47 << ErrorToString(rv) << " Challenge: " << cur_challenge;
50 if (cur.get() && (!best.get() || best->score() < cur->score()) &&
51 (disabled_schemes.find(cur->auth_scheme()) == disabled_schemes.end()))
58 HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse(
59 HttpAuthHandler* handler,
60 const HttpResponseHeaders* headers,
62 const std::set<Scheme>& disabled_schemes,
63 std::string* challenge_used) {
66 DCHECK(challenge_used);
67 challenge_used->clear();
68 HttpAuth::Scheme current_scheme = handler->auth_scheme();
69 if (disabled_schemes.find(current_scheme) != disabled_schemes.end())
70 return HttpAuth::AUTHORIZATION_RESULT_REJECT;
71 std::string current_scheme_name = SchemeToString(current_scheme);
72 const std::string header_name = GetChallengeHeaderName(target);
74 std::string challenge;
75 HttpAuth::AuthorizationResult authorization_result =
76 HttpAuth::AUTHORIZATION_RESULT_INVALID;
77 while (headers->EnumerateHeader(&iter, header_name, &challenge)) {
78 HttpAuthChallengeTokenizer props(challenge.begin(), challenge.end());
79 if (!LowerCaseEqualsASCII(props.scheme(), current_scheme_name.c_str()))
81 authorization_result = handler->HandleAnotherChallenge(&props);
82 if (authorization_result != HttpAuth::AUTHORIZATION_RESULT_INVALID) {
83 *challenge_used = challenge;
84 return authorization_result;
87 // Finding no matches is equivalent to rejection.
88 return HttpAuth::AUTHORIZATION_RESULT_REJECT;
92 std::string HttpAuth::GetChallengeHeaderName(Target target) {
95 return "Proxy-Authenticate";
97 return "WWW-Authenticate";
100 return std::string();
105 std::string HttpAuth::GetAuthorizationHeaderName(Target target) {
108 return HttpRequestHeaders::kProxyAuthorization;
110 return HttpRequestHeaders::kAuthorization;
113 return std::string();
118 std::string HttpAuth::GetAuthTargetString(Target target) {
126 return std::string();
131 const char* HttpAuth::SchemeToString(Scheme scheme) {
132 static const char* const kSchemeNames[] = {
140 COMPILE_ASSERT(arraysize(kSchemeNames) == AUTH_SCHEME_MAX,
141 http_auth_scheme_names_incorrect_size);
142 if (scheme < AUTH_SCHEME_BASIC || scheme >= AUTH_SCHEME_MAX) {
144 return "invalid_scheme";
146 return kSchemeNames[scheme];